Here are the answers to some of the common questions we received in the recent webinar "Unplugging the last cord". If you missed the webinar, you can view the recording here at http://www.arubanetworks.com/resources/webinars/
Aruba deployment specific
Q: How is QoS management done? Is it by VLAN?
A: In an Aruba mobility infrastructure, granular QoS and access policies can be defined and implemented independent of the underlying VLANs using AppRF technology. AppRF policies are contextual and based on apps, users, devices and locations. See here for more details - http://www.arubanetworks.com/resources/apprf/
Q: Was the all-wireless implementation carried out at the HQ only or throughout the whole company?
A: The rollout started at HQ in Sunnyvale, CA in early 2014 with MS Lync and is gradually being deployed globally.
Q: How do you handle OS deployment with an all-wireless environment? Do you still have some hard links for this purpose?
A: We use high capacity 802.11ac wireless AP-225 throughout our campus. We find that sufficient for image upgrades and to roll our OS updates too.
Q: What happens when the power fails?
A: We have UPS backup available for our critical infrastructure, including wireless and Lync
Q: Are you using WIPS IDS/IPS along side this?
A: Yes, Wireless IDS scanning is always ON and action is taken on the channels that APs operate in for WIPS. During active voice / video sessions, Aruba APs delay their WIDS scanning so that session quality is not impacted. See here for more details - http://www.arubanetworks.com/pdf/products/DS_AOS_RFPROTECT.pdf
Q: How do your internal users enroll their user certificate to connect on corporate Wi-Fi?
A: We offer a multi-vendor (your access network can be from any networking vendor) solution to enable this. It is called ClearPass Onboard. Take a look here: http://www.arubanetworks.com/products/clearpass/device-management/
Q: How do you handle the reduced throughput vs wired network. We have high density of user in a number of our building.
A: We really don't see that, especially with 802.11ac. You can use a monitoring tool like Airwave to check your density and coverage on an on going basis. As long as you setup the right policies to manage the available bandwidth, and monitor is automatically it is not really an issue.
Q: Do you use AP uplinks as port channels?
A: Setting up AP uplinks to be port channel is a general network design option. It is completely dependent on the deployment, traffic considerations, applications being used and so on.
Q: Can users wirelessly connect to conference room screens?
A: At Aruba we use a combination of Apple TVs and Lync Room Systems to enable users to wirelessly project to conference room screens. Using Aruba AirGroup technology makes it seamless for IT to deploy these services. Read more here http://www.arubanetworks.com/pdf/technology/TB_AirGroupWLANServices.pdf
Q: How do you handle wireless security? What are you using?
A: Today, wireless security has evolved a lot and in many cases is probably more secure than your wired network. Who uses 802.1x on wired ports? But it’s very common to use the same on wireless making it very secure. Our main corporate SSID is protected using WPA2-Enterprise, authenticated using ClearPass. See here for additional information - http://www.arubanetworks.com/products/clearpass/
Q: Do you have any data or study available that shows how throughput varies over distance for wireless clients?
A: Take a look at our presentation from the last Airheads Conference. https://community.arubanetworks.com/t5/Americas-Airheads-Conference/Breakout-Wi-Fi-Behavior-of-Popular-Mobile-Devices/gpm-p/129135 and this one on RF design: https://community.arubanetworks.com/t5/Americas-Airheads-Conference/Breakout-Advanced-RF-Design-amp-Troubleshooting/gpm-p/129173
Q: Do you have a rough estimate for how many users you would normally estimate per AP?
A: For an 802.11ac AP we have tested all the way upto 55 mobile devices running different kinds of real time Lync traffic - a mix of voice, video, desktop sharing etc. This number can certainly go up further depending on usage, but you should plan on this based on your deployment - # of devices, applications etc. and leave room for roaming clients too.
Q: Within Aruba, do you use AP-225's? Do you use Aruba Instant for your solution or backend controllers?
A: In major offices we have AP-225s with controllers, in smaller offices we use IAP-225s.
Q: How fat is the Internet pipe to branch offices? Can you do VPN cleanly?
A: Here is a guideline that we have typed for this use case: http://www.arubanetworks.com/wp-content/uploads/VoiceSupportAppNote_2011-11-14.pdf
Q: What software do you use for coverage reporting
A: The reports are run on Aruba’s AirWave NMS platform. AirWave talks SNMP and can manage multi-vendor wired and wireless networks. See here for more details
Q: How you differentiate between internal users phones and tablets and external users mobile devices?
A: We identify mobile devices using various techniques like DHCP fingerprints, MAC OUIs, HTTP user strings etc. to identify device type and classify device as BYOD or corporate
Q: How about desktop pc's? Are they still wired or they have a wireless card?
A: Aruba has a laptop environment and all are equipped with wireless.
Q: How is the handoff between the AP's accomplished for mobile users with wireless handsets that move around the campus?
A: We support layer 2 and layer 3 roaming to achieve mobility. In addition we support protocols like 11r, 11v and 11k that helps us to proactively make roaming seamless. See here for additional details
Q: How do you deal with access control and network segregation for guests?
A: We have the Guest network and internal network on different vlans and different SSIDs, separated by firewalls.
Microsoft Lync related
Q: Do you have any best practices recommendations for designing wireless and Lync?
A: Here is a great (very detailed) resource on Lync over Wi-Fi end to end -https://community.arubanetworks.com/t5/Validated-Reference-Design/Lync-Over-Aruba-WiFi/ta-p/199813
Q: How do you handle automatic location of callers who dial 911 from their Lync device?
A: E911 is a pretty complex subject that is really best discussed with a PSLP. The Aruba wireless solution integrates with many e911 vendors for emergency services. We calculate location of clients using standard RF triangulation and also use other advanced methods like BLE. This close to accurate location data (x,y cordinate) gets sent to the e911 system. We do have a partnership with RedSky Technologies for e911 services in an all wireless environment. You can see more details here. http://www.arubanetworks.com/partners/ecosystem/voice-over-wlan/#redsky.
Q: Can you hand off Lync to 3G i.e. walk out the building away from Wi-Fi?
A: Yes, absolutely
Q: With your ability to move clients to better AP's does this affect a call when it is moved to a better AP?
A: Client Match is voice aware. Devices with active calls are not matched to a different AP.
Q: Do you support the Asterisk Platform?
A: Microsoft’s SDN API is for integration with the Lync infrastructure. The API does not apply for Asterisk. But the UCC dashboard and all the visibility info you see in Aruba’s Airwave NMS are built to support common voice protocols much beyond Lync.
Q: Is this presentation based on on-premise Lync server or works for an Office 365 implementation?
A: Aruba’s implementation of Lync is on-premise Lync 2013.
Q: How does the SDN API work? Do you create a link between Lync and Airwave?
A: Microsoft’s SDN API is a communication channel between the Aruba controller and Lync infrastructure. The Aruba controller then passes on the relevant data to AirWave NMS for trending and visibility purposes.
Q: Did you deploy Bluetooth headsets to all users to connect to their laptops/desktops?
A: We have a small store of Bluetooth and wired, and DECT headsets. We also have a catalog of Lync approved headsets that employees can choose from and expense to their department. Most people already have Bluetooth devices for their phones that work well with Lync too.
Q: Have you evaluated interfacing with other UCC/PBX vendors such as ShoreTel or Jabber or Avaya One-X? Do you have the necessary deployment guides?
A: This was a requirement for Aruba, as we had to coexist with other PBXs during the rollout. Aruba infrastructure supports H.323 and SIP since many years now including support for monitoring and flow QoS for these protocols. We don’t have a vendor specific deployment guide (except Lync), but here are two guides for voice over wireless that will apply for Shortel and other voice vendors: http://www.arubanetworks.com/wp-content/uploads/VoiceSupportAppNote_2011-11-14.pdf